Study Guide · SCS-C03

AWS Certified Security - Specialty Study Guide

6 domains · 16 subtopics · weighted by the official SCS-C03 exam guide

Preparing for the AWS Certified Security - Specialty (SCS-C03)? You are in the right place. This is the written companion to the practice exams: a complete, plain-language walk through everything the test covers, gathered in one place so you can build real understanding instead of memorizing service names.

The exam is written for a security professional with a few years of hands-on AWS experience, and it rewards judgment far more than recall. Almost every question hands you a scenario and asks which control owns the problem and which option is the safest one that still meets the requirement. You will repeatedly choose between near-identical answers: temporary STS credentials over a long-lived access key, a delegated administrator account over the Organizations management account, preserving forensic evidence before you stop a compromised host. The trap is reaching for a service by its logo instead of naming the job first; once you name the job, the service follows.

The guide follows the six official domains, weighted the way the real exam weights them: Identity and Access Management (20%), Infrastructure Security and Data Protection (18% each), Detection (16%), and Incident Response and Security Foundations and Governance (14% each). Each chapter builds the mental model in plain language, then separates the look-alike options with comparison tables and decision trees, and ends with a cheat sheet for last-minute review. Start at the top, or pick a domain from the list beside this page.